14. SSL and HTTPS

แชร์
ฝัง
  • เผยแพร่เมื่อ 23 ธ.ค. 2024

ความคิดเห็น •

  • @august9980
    @august9980 3 ปีที่แล้ว +17

    This has been very helpful refreshing myself on some things. I would love to comment that the instructor, who presumably has taught this many times and can even be a stale subject (legacy protocols etc), looks so damn genuinely excited. You can see his passion for networking and that giddy little smile as he's watching a student connect the dots, much like the smile I assume we all get the first time you correctly configure a lab after hours of trial and error.
    So thank you Nickolai for sharing your passion, it's greatly appreciated and you are very proficient in all aspects of your role. Cheers

  • @melissabellemills2562
    @melissabellemills2562 4 ปีที่แล้ว +48

    I'm so appreciative that is this available to everyone. This is great.

  • @lubosculak4170
    @lubosculak4170 3 ปีที่แล้ว +2

    I have never seen crypto, ssl, tls etc...explained better than in this lesson. This lecturer is really great.

  • @bozegovic
    @bozegovic 6 ปีที่แล้ว +35

    This guy is a fantastic lecturer!

  • @sriharshacv7760
    @sriharshacv7760 5 ปีที่แล้ว +6

    This lecture is more like a general discussion on SSL, Certificates. It assumes that you will learn about certificates on your own. (set the right expectations)

  • @ReadingKing1
    @ReadingKing1 ปีที่แล้ว +1

    What a passionate teacher, I learned what is passion from him

  • @osraneslipy
    @osraneslipy 4 ปีที่แล้ว +2

    This lecture is just awesome. I can see why MIT is the best.

  • @kiddyjeldsalacot910
    @kiddyjeldsalacot910 5 ปีที่แล้ว +14

    This guy is a fantastic lecturer and amazing!!!

  • @edwardwong654
    @edwardwong654 5 ปีที่แล้ว +3

    This guy teaches well and he is very easy to understand.

  • @hj-core
    @hj-core 10 หลายเดือนก่อน

    13:24 Can someone explain why the nonce generated by B helps to fix the replay problem? Thanks.

  • @marekgibas1591
    @marekgibas1591 6 ปีที่แล้ว +1

    12:51 It's Diffie-Hellman (misheard in subs).

  • @DannyD1Chung
    @DannyD1Chung 6 ปีที่แล้ว +6

    Excellent lecture! Everything explained nicely. You can clearly tell he is very knowledgeable about the topic.

  • @shanjose1404
    @shanjose1404 6 ปีที่แล้ว +2

    Is it normal to have Session ID in the First Client Hello, and then have the Web Server pick that up and use it in further TLS traffic ? Why is this behavior were the Client Hello decides the Session ID; and does this have any security risks for a public facing webserver?

  • @vashugupta9428
    @vashugupta9428 3 ปีที่แล้ว

    Where are the lectures of this course?

    • @mitocw
      @mitocw  3 ปีที่แล้ว +1

      TH-cam playlist: th-cam.com/video/GqmQg-cszw4/w-d-xo.html.
      Course materials: ocw.mit.edu/6-858F14. Best wishes on your studies!

    • @vashugupta9428
      @vashugupta9428 3 ปีที่แล้ว +2

      @@mitocw you guys replied on 4 Years old video and that also within a day. You are awesome people ❤️

  • @veramentegina
    @veramentegina 5 ปีที่แล้ว

    Nickolai is a great lecturer.

  • @mattjohn1155
    @mattjohn1155 2 ปีที่แล้ว

    Can we see public key on certificate? Anyone can explain for me, please I'm still vague.

    • @ReadingKing1
      @ReadingKing1 ปีที่แล้ว +1

      Yeah,public key is sended with CA

  • @btcblade3334
    @btcblade3334 6 ปีที่แล้ว +9

    you are such a good teacher

  • @Jeff-zc6rr
    @Jeff-zc6rr 7 หลายเดือนก่อน

    why do professors still use notes? do t hey not have the material memorized?

  • @moums2009
    @moums2009 5 ปีที่แล้ว

    what is an attacker change jquery and create new hash?

    • @jamesbrown99991
      @jamesbrown99991 4 ปีที่แล้ว

      The attacker has no access to the hash; the developer specifies the allowable hash in their source, and the hash would be calculated based on the content of the jquery code received by the browser.

  • @kachro1302
    @kachro1302 6 ปีที่แล้ว +4

    Really good lecture. Thank you!

  • @kavitaray2523
    @kavitaray2523 6 ปีที่แล้ว

    Can you please help us understanding where exactly chain certificate is involved in SSL handshake. I have concerns... what chain certificate does at server side. I understand what is chain certificate but my question is where you are making use of chain certificate in SSL handshake?
    Why we copy that on server when it not require in Ssl handshake. is there any specific use case of chain certificate
    I heard that Browsers have major root CAs and intermediate CAs public keys. Please correct if I am wrong, Whatever I see in the browser, those are not the root certificate and chain/intermediate certificate but they are only public keys of root and chain certs. Next, During the SSL handshake in step two when server responds to the client with his Server hello message.... After that does server send only server certificate or it sends both to the client (server certificate and chain certificate)? Please answer

    • @mohanravindran
      @mohanravindran 6 ปีที่แล้ว +3

      Kavita Singh : During server hello, server sends the chain of certs. This helps client to validate if the server is chaining to correct Root Ca and not talking to someone who is acting as a man in the middle. This is why you import the chain of certs at server side. Install a wireshark or network monitor tool on your laptop and connect to any secure websites, you can see this in a trace.

  • @BabuBakthavachalam
    @BabuBakthavachalam 4 ปีที่แล้ว +1

    Thank you

  • @ttttyyyy755
    @ttttyyyy755 6 ปีที่แล้ว +1

    I would say the title shall be keberos protocol

    • @naradmoni2830
      @naradmoni2830 4 ปีที่แล้ว

      You don't get to decide, MIT does. And no, this isn't about KerberOS, it is about SSL.

  • @GOLDVIOLINbowofdeath
    @GOLDVIOLINbowofdeath 5 ปีที่แล้ว +5

    Damn, I missed the quiz!

  • @mrao2137
    @mrao2137 7 ปีที่แล้ว +4

    MIT don't have white board??

    • @ZortLF2
      @ZortLF2 6 ปีที่แล้ว +3

      Blackboard is better imo, easier to see when the chalk is used up and less waste.

    • @zufex2029
      @zufex2029 6 ปีที่แล้ว +2

      It looks more like Terminal! I love it!

  • @juliantoon4502
    @juliantoon4502 3 ปีที่แล้ว

    good lessons

  • @thereGoMapo
    @thereGoMapo 4 ปีที่แล้ว

    Public keys are accessible by anyone. Anyone can encrypt data using them. This allows for ransomware attacks...

  • @balazsszekely4197
    @balazsszekely4197 3 ปีที่แล้ว

    Just funny complete course link in the description is HTTP. Anyway good lecture.

  • @daniellugo4272
    @daniellugo4272 7 ปีที่แล้ว +24

    Billions of dollar for the MIT each year and they cant fix a door lol - great lecture though...

    • @1_adityasingh
      @1_adityasingh 5 ปีที่แล้ว

      Lol. My school can't fix lights.

  • @LogicArray
    @LogicArray 4 ปีที่แล้ว +2

    I have to say I missed lectures

  • @vimalk8923
    @vimalk8923 7 ปีที่แล้ว +2

    why does he writes 'a' like he is writing an 'e'

  • @masumehto5288
    @masumehto5288 4 ปีที่แล้ว

    He is a excellent tutor.i like his way of teaching.

  • @rickelmonoggin
    @rickelmonoggin 4 ปีที่แล้ว +3

    Good lecture, except it wasn't really about SSL. At one point he even says SSL isn't very interesting, LOL!

    • @medkha8210
      @medkha8210 ปีที่แล้ว

      TLS is a proposed Internet Engineering Task Force (IETF) standard, first defined in 1999, and the current version is TLS 1.3, defined in August 2018. TLS builds on the now-deprecated SSL (Secure Sockets Layer) specifications (1994, 1995, 1996) developed by Netscape Communications for adding the HTTPS protocol to their Navigator web browser.

  • @GOLDVIOLINbowofdeath
    @GOLDVIOLINbowofdeath 5 ปีที่แล้ว

    Don’t go to MIT ti study audio production

    • @naradmoni2830
      @naradmoni2830 4 ปีที่แล้ว

      No one asked for your opinion. Also use captions. Machines can hear him.

  • @sinistergate
    @sinistergate 7 ปีที่แล้ว +3

    cooolll

  • @Shvmadogg
    @Shvmadogg 4 ปีที่แล้ว +1

    make sense?

    • @davetriplett4779
      @davetriplett4779 4 ปีที่แล้ว

      shiran VATURY not a word...(😢

    • @Shvmadogg
      @Shvmadogg 4 ปีที่แล้ว +1

      @@davetriplett4779 actually it's pretty easy. Try using openssl and you'll get the hang of it

    • @davetriplett4779
      @davetriplett4779 4 ปีที่แล้ว

      shiran VATURY Thanks! I will look that up!

  • @ChinmeshManjrekar
    @ChinmeshManjrekar 6 ปีที่แล้ว +3

    40 minutes in, and still nothing on SSL.

    • @davew2040x
      @davew2040x 6 ปีที่แล้ว +3

      Isn't this the entire basis for SSL? What are you looking for exactly?

    • @semtex6412
      @semtex6412 6 ปีที่แล้ว +1

      take some nootropics

  • @belowasmelashgebremariam
    @belowasmelashgebremariam 3 ปีที่แล้ว

    Kemey ke

  • @layzlifts9856
    @layzlifts9856 6 ปีที่แล้ว +1

    I just realized he spelled skank on the board.

  • @austinmurphy9074
    @austinmurphy9074 5 ปีที่แล้ว +3

    camera guy thinks he is filming dolphins

  • @ChinmeshManjrekar
    @ChinmeshManjrekar 6 ปีที่แล้ว +5

    Title is so misleading, he never speaks about SSL, dont waste your time watching it.

    • @Debjit625
      @Debjit625 6 ปีที่แล้ว +5

      This course is about Computer Systems Security, and this video is about what is the role of SSL and HTTPS it's not about implementing it rather understanding the core function of SSL between HTTP and TCP/IP.

  • @valeenoi2284
    @valeenoi2284 3 ปีที่แล้ว

    I'm wonder why this class is being taught at graduate level... let alone at MIT of all the universities? You would expect for schools to go over these basic topics in undergrad.
    Note: 98% of class are men, lol. Come'n women... join the foray. Feel the pain and then the excitement.

  • @tenminutetokyo2643
    @tenminutetokyo2643 4 ปีที่แล้ว

    Too bad none of them will get a job in IT when they graduate.

  • @maance
    @maance 3 ปีที่แล้ว

    Such a confusing lecture. So much unnecessary and confusing information provided! How MIT can hire a person like Zildevich!!!

  • @minall6889
    @minall6889 4 ปีที่แล้ว +2

    you are such a good teacher

  • @juliantoon4502
    @juliantoon4502 3 ปีที่แล้ว

    good lessons